Flask-CORS is a simple extension to Flask allowing you to support cross origin resource sharing (CORS) using a simple decorator.
Install the extension with using pip, or easy_install.
$ pip install flask-corsThis extension exposes a simple decorator to decorate flask routes with.
Simply add @cross_origin() below a call to Flask's
@app.route(..) incanation to accept the default options and allow
CORS on a given route.
@app.route("/")
@cross_origin() # allow all origins all methods.
def helloWorld():
return "Hello, cross-origin-world!"When using JSON cross origin, browsers will issue a pre-flight OPTIONS request for POST requests. In order for browsers to allow POST requests with a JSON content type, you must allow the Content-Type header.
@app.route("/user/create", methods=['GET','POST'])
@cross_origin(headers=['Content-Type']) # Send Access-Control-Allow-Headers
def cross_origin_json_post():
return jsonify(success=True)Alternatively, setting your application's CORS_ORIGINS configuration
property will
app.config['CORS_ORIGINS'] = ['Foo', 'Bar']
@app.route("/")
@cross_origin() # will return CORS headers for origins 'Foo' and 'Bar'
def helloWorld():
return "Hello, cross-origin-world!"For a full list of options, please see the full documentation
A simple set of tests is included in test.py. To run, install nose,
and simply invoke nosetests or run python test.py or
python setup.py test to exercise the tests.
Questions, comments or improvements? Please create an issue on Github, tweet at [@wcdolphin](https://twitter.com/wcdolphin) or send me an email.
